<?php
 include "counter.php";

pagestart(); 
?>
<html>
<?php pagehead("Privacy Policy") ?>
<BODY bgcolor="white">
<?php pagetop("Linux Counter Organization Privacy Policy") ?>
<p align="right">
this document is also available in
<a href="privacy_hu.php">Hungarian</a>
</p>
<p>
The Linux Counter Organization is committed to open communication and
respect for users' privacy.
<p>
This means that we will <em>only</em> reveal information to outsiders
that you choose to allow us to reveal. We will also <em>only</em>
store information about you that is relevant to our purpose, and we
will take reasonable measures to ensure that the information that you
have chosen to let us reveal is only used for the purposes you had in
revealing it.

<h2>Legal framework</h2>
The Counter is operated in Norway, and is subject to Norwegian privacy
laws; more information about those can be found at <a
href="http://www.datatilsynet.no">Datatilsynet</a>. The Counter is a
personal data registry according to the law, but is a "hobby activity", and
is therefore not required to have permission to operate.
<p>
The requirements of the law include, among other things:
<ul>
<li>The data must only be gathered with the permission of the
registered person
<li> The data must be used only for the purpose for which it is gathered
<li>The data must be accurate and up-to-date
</ul>
These are things the Counter project are required to do by law. They
are also principles with which the Counter Project heartily concur.

<h2>What is gathered, and how you grant permission</h2>
When you type data into a form in the Linux Counter, we assume that
you give us permission to store it.
<p>
There is a special field on the forms for revealing personal
information; the settings are:
<ul>
<li>No information about you as a person may be included in reports
<li>Your name, the email you entered for public viewing  and place of
residence may be included in the lists of Linux Counter users
<li>NOT YET IMPLEMENTED: All the data you have entered may be made
public. (This setting is intended to include machine data.)
</ul>
The counter stores a log of changes to the data, accessible only to
counter staff.
<p>
The reports of the counter that involve person info are linked with a
<a href="/legal.php">copyright notice</a> that forbids use for spam.

<h2>Who can get at information</h2>
There are 3 groups of persons relevant here.
<ul>
<li>The registrant can get at all information currently stored about
him.
<li>The Linux Counter maintainers can get at all information,
including historical information. They have promised to make use of it
only for running the counter. The names of the maintainers are public.
<li>Anyone else can see the information where permission to make it
public is given.
</ul>
There are methods whereby one can "probe" information; for
instance, when registering an already registered address, the counter
will give an error message if you enter an address that is already
registered. It is very hard to close all such loopholes, and even
harder to do so without making the counter less user friendly for the
case where the "prober" is the same person as the registered user; the
counter staff watches the logs for such activity, and will take action
if needed.

<h2>Antispam measures</h2>
There are 2 conflicting demands on the counter's supplying email
addresses:
<ul>
<li>The counter's person lists are intended to make it possible for
Linux users to find each other. This means that email must be visible.
<li>The stored emails are a prime target for spam target
gatherers. This means that it should be invisible.
</ul>
The choice so far has been to use a quota system; when someone is
accessing 2 or 3 pages looking for his friends, nothing happens; when
someone tries to gather up large pieces of the database, his access is
blocked. This seems to have worked well in practice; it does mean that
any spammer who tries to gather addresses will get a few of them, but
it is not possible to get any large proportion of them.
<p>
Obfuscation of addresses may be used too, but has to be balanced
against user friendliness.

<h2>Who to contact for comments</h2>
The board of the Linux Counter Organization is reachable as
<?php print emailCloaking("board@counter.li.org", 0) ?>.  Comments are welcome!

<?php pagebottom("yes") ?>
</body>
</html>


